<?php
/*
  Document   : home page
  Created on : 20-april-2011, 08:30:45
  Author     : Shahram Abdi
 */
?>
<div id="content">
    <h3>Laatste artikelen</h3>
    <div id="nieuws"></div>
    <a title="Nieuws" class="meer" href="?p=nieuws">meer nieuws...</a><br/>


    <h4>Nieuwste stages</h4>
    <hr>
    <div id="stages"></div>
    <a title="Stages" class="meer" href="student/index.php?p=zoekstage">meer stages...</a><br/>

    <h4>Deze stagebedrijven zoeken op geoplaza.nl naar stagiairs:</h4>
    <hr>
    <div id="logos"></div>

</div>

<?php
// Clear the error message
$error_msg = "";
require_once('./config/config.php');
// If the user isn't logged in, try to log them in
if (!isset($_SESSION['user_id'])) {
    if (isset($_POST['submit'])) {
        // Connect to the database
        $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE);

        // Grab the user-entered log-in data
        $user_username = mysqli_real_escape_string($dbc, trim($_POST['username']));
        $user_password = mysqli_real_escape_string($dbc, trim($_POST['password']));

        if (!empty($user_username) && !empty($user_password)) {
            // Look up the username and password in the database
            $query = "SELECT studentID, voornaam, email FROM studentprofiel WHERE email = '$user_username' AND wachtwoord = SHA('$user_password')";
            $data = mysqli_query($dbc, $query);

            if (mysqli_num_rows($data) == 1) {
                // The log-in is OK so set the user ID and username session vars (and cookies), and redirect to the home page
                $row = mysqli_fetch_array($data);
                $_SESSION['user_id'] = $row['studentID'];
                $_SESSION['voornaam'] = $row['voornaam'];
                $_SESSION['username'] = $row['email'];
                setcookie('user_id', $row['studentID'], time() + (60 * 60 * 24 * 30));    // expires in 30 days
                setcookie('voornaam', $row['voornaam'], time() + (60 * 60 * 24 * 30));    // expires in 30 days
                setcookie('username', $row['email'], time() + (60 * 60 * 24 * 30));  // expires in 30 days
                $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php';
                header('Location: ' . $home_url);
            } else if ( !(mysqli_num_rows($data) == 1)) {
                // either onderwijs or werkgever
                // check for werkgever
                $query = "SELECT werkgeverID, instellingnaam, email, pakket FROM werkgeverprofiel WHERE email = '$user_username' AND wachtwoord = SHA('$user_password')";
                $data = mysqli_query($dbc, $query);

                if (mysqli_num_rows($data) == 1) {
                    // The log-in is OK so set the user ID and username session vars (and cookies), and redirect to the home page
                    $row = mysqli_fetch_array($data);
                    $_SESSION['user_id'] = $row['werkgeverID'];
                    $_SESSION['instellingnaam'] = $row['instellingnaam'];
                    $_SESSION['username'] = $row['email'];
                    $_SESSION['pakket'] = $row['pakket'];
                    setcookie('user_id', $row['werkgeverID'], time() + (60 * 60 * 24 * 30));    // expires in 30 days
                    setcookie('instellingnaam', $row['instellingnaam'], time() + (60 * 60 * 24 * 30));    // expires in 30 days
                    setcookie('username', $row['email'], time() + (60 * 60 * 24 * 30));  // expires in 30 days
                    setcookie('pakket', $row['pakket'], time() + (60 * 60 * 24 * 30));    // expires in 30 days
                    $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php';
                    header('Location: ' . $home_url);
                }
                else if ( !(mysqli_num_rows($data) == 1)) {
                    $query = "SELECT onderwijs_id, instellingNaam, email, pakket FROM onderwijsinstelling WHERE email = '$user_username' AND wachtwoord = SHA('$user_password')";
                    $data = mysqli_query($dbc, $query);

                    if (mysqli_num_rows($data) == 1) {
                        // The log-in is OK so set the user ID and username session vars (and cookies), and redirect to the home page
                        $row = mysqli_fetch_array($data);
                        $_SESSION['user_id'] = $row['onderwijs_id'];
                        $_SESSION['instellingnaam'] = $row['instellingNaam'];
                        $_SESSION['username'] = $row['email'];
                        $_SESSION['pakket'] = $row['pakket'];
                        setcookie('user_id', $row['werkgeverID'], time() + (60 * 60 * 24 * 30));    // expires in 30 days
                        setcookie('instellingnaam', $row['instellingNaam'], time() + (60 * 60 * 24 * 30));    // expires in 30 days
                        setcookie('username', $row['email'], time() + (60 * 60 * 24 * 30));  // expires in 30 days
                        setcookie('pakket', $row['pakket'], time() + (60 * 60 * 24 * 30));    // expires in 30 days
                        $home_url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']) . '/index.php';
                        header('Location: ' . $home_url);
                    } else {
                        // The username/password are incorrect so set an error message
                        $error_msg = 'Sorry, you must enter a valid username and password to log in.';
                    }
                }
            }
        }
        else {
            // The username/password weren't entered so set an error message
            $error_msg = 'Sorry, you must enter your username and password to log in.';
        }
    }
}

// If the session var is empty, show any error message and the log-in form; otherwise confirm the log-in
if (empty($_SESSION['user_id'])) {
    echo '<p class="error">' . $error_msg . '</p>';
?>
    <div id="login">
        <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
            <table >
                <tr>
                    <td>Gebruikersnaam:</td><td><input type="text" name="username" value="<?php if (!empty($user_username))
        echo $user_username; ?>" /></td>
            </tr>
            <tr>
                <td>Wachtwoord:</td><td><input type="password" name="password"/></td>
            </tr>
            <tr>
                <td><input type="submit" name="submit" value="Inloggen" /></td>
            </tr>
        </table>
        <br/>
    </form>
</div>

    <a class="sidebarNav" href="werkgever/index.php?p=home">Registreren werkgevers</a>
    <a class="sidebarNav" href="student/index.php?p=makeprofile">Registreren student</a>
    <a class="sidebarNav" href="onderwijs/index.php">Registreren onderwijsinstelling</a>
<?php
}
else {
    // Confirm the successful log-in
    if (!empty($_SESSION['pakket'])) {
        // confirm login onderwijs
        if ( $_SESSION['pakket'] == 'aa' || $_SESSION['pakket'] == 'bb' || $_SESSION['pakket'] == 'cc') {
            echo('<div id="login"><p>Welkom ' . $_SESSION['instellingnaam'] . '</p>');
            echo('<form method="post" action="logout.php">');
            echo('<table><td><tr><td>');
            echo('<input type="submit" name="submit" value="Uitloggen" class="uitloggen" />');
            echo('</td></tr></table>');
            echo('</form></div>');
            echo('<a class="sidebarNav" href="onderwijs/index.php?p=viewprofile' . $_SESSION['pakket'] . '">Mijn profiel</a>');
            
        }
        // confirm login Werkgever
        else {
            echo('<div id="login"><p>Welkom ' . $_SESSION['instellingnaam'] . '</p>');
            echo('<form method="post" action="logout.php">');
            echo('<table><td><tr><td>');
            echo('<input type="submit" name="submit" value="Uitloggen" class="uitloggen" />');
            echo('</td></tr></table>');
            echo('</form></div>');
            echo('<a class="sidebarNav" href="werkgever/index.php?p=viewprofile' . $_SESSION['pakket'] . '">Mijn profiel</a>');
        }
        // confirm login student
    } else {
        echo('<div id="login"><p>Welkom ' . $_SESSION['voornaam'] . '</p>');
        echo('<form method="post" action="logout.php">');
        echo('<table><td><tr>');
        echo('<input type="submit" name="submit" value="Uitloggen" class="uitloggen" />');
        echo('</td></tr></table>');
        echo('</form></div>');
        echo('<a class="sidebarNav" href="student/index.php?p=viewprofile">Mijn profiel</a>');
    }
}
?>

	